HCoop / jackhill / guix / guix.git / blame
| Commit | Line | Data |
|---|---|---|
| 51de92a0 MW |
1 | Copied from Debian. |
| 2 | ||
| 3 | From: Petr Stodulka <pstodulk@redhat.com> | |
| 4 | Date: Mon, 14 Sep 2015 18:23:17 +0200 | |
| 5 | Subject: Upstream fix for heap overflow | |
| 6 | Bug-Debian: https://bugs.debian.org/802162 | |
| 7 | Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944 | |
| 8 | Origin: https://bugzilla.redhat.com/attachment.cgi?id=1073002 | |
| 9 | Forwarded: yes | |
| 10 | ||
| 11 | --- | |
| 12 | crypt.c | 12 +++++++++++- | |
| 13 | 1 file changed, 11 insertions(+), 1 deletion(-) | |
| 14 | ||
| 15 | --- a/crypt.c | |
| 16 | +++ b/crypt.c | |
| 17 | @@ -465,7 +465,17 @@ | |
| 18 | GLOBAL(pInfo->encrypted) = FALSE; | |
| 19 | defer_leftover_input(__G); | |
| 20 | for (n = 0; n < RAND_HEAD_LEN; n++) { | |
| 21 | - b = NEXTBYTE; | |
| 22 | + /* 2012-11-23 SMS. (OUSPG report.) | |
| 23 | + * Quit early if compressed size < HEAD_LEN. The resulting | |
| 24 | + * error message ("unable to get password") could be improved, | |
| 25 | + * but it's better than trying to read nonexistent data, and | |
| 26 | + * then continuing with a negative G.csize. (See | |
| 27 | + * fileio.c:readbyte()). | |
| 28 | + */ | |
| 29 | + if ((b = NEXTBYTE) == (ush)EOF) | |
| 30 | + { | |
| 31 | + return PK_ERR; | |
| 32 | + } | |
| 33 | h[n] = (uch)b; | |
| 34 | Trace((stdout, " (%02x)", h[n])); | |
| 35 | } |